COMESA CyberSecurity and PKI

C4DLab
November 20, 2013

Presented during the CyberSecurity Public Lecture on November 20, 2013

Transcript

  1. COMESA Cyber Security and PKI Meeting (Pre-event Awareness Workshop)

    20th November 2013
    By: Michael K. Katundu
    Director, Information Technology
    Communications Commission of Kenya (CCK)
  2. Content

    1. Introduction
    2. Implementation of Kenya’s National Cybersecurity Management framework
    3. Collaboration in Cyber Crime Management
    4. Overview of Cyber Incidents in Kenya
    5. How to Report Cybercrime attacks in Kenya
    6. Kenya’s Public Key Infrastructure (PKI)
    7. COMESA Cyber Security and PKI Meeting
  3. Introduction

    What is Cyber Security?
    Cyber security is the defense against Cybercrime or cyber-attacks. It is the defense against attacks on Information and Communications Technology (ICT) infrastructure. It is a means of safeguarding computer networks and the information they contain from penetration and malicious damage or disruption.

    What is Cyber Crime?
    Cyber crime refers to attacks on the Information and Communications Technology (ICT) infrastructure. Cyber-attacks are mainly directed to computer networks, computer data, Facebook, emails, Bank accounts and websites, among others. Cyber-attacks can lead to malicious damage or disruption of services, including loss of money. Cyber-attacks can be committed through the Internet using Computers, Tablets, Mobile phones, among others. Many types of cybercrimes are simply extensions of existing physical criminal activities.
  4. Introduction (Cont’d)

    National CIRTs
    A National CIRT is a technical cyber security management entity that acts as a Trusted Point of Contact for a given country where Citizens, regional and international communities report cybercrime incidents for assistance. To effectively discharge its mandate, best practice requires that a National CIRT establishes relevant partnerships at the National, Regional and International level. In Kenya the National CIRT is the KE-CIRT/CC.

    Sector CIRTs
    This refers to a technical cyber security management framework that serves a particular industry. Examples include a law enforcement CIRT, a financial sector CIRT, a Telecommunications Operators sector CIRT, an Academia sector CIRT, among others. Stakeholders interest groups are encouraged to form their respective sector CIRTs to coordinate cyber security management within their sectors, in collaboration with the National KE-CIRT/CC.
  5. Introduction (Cont’d)

    Cybersecurity management framework in Kenya includes:
    • The Kenya Information and Communications Technology Sector Policy of 2006;
    • The Kenya Information and Communications Act CAP411A of 1998; and
    • The Kenya Information and Communications (Electronic Certification and Domain Name Administration) Regulations of 2010, among other legal instruments;
    • The national Kenya Computer Incident Response Team Coordination Centre (KE-CIRT/CC)
  6. Implementation of Kenya’s National Cyber Security Management Framework

    The Kenya Information and Communications Act CAP411A of 1998 mandates the CCK to implement Kenya’s national cyber security management framework.

    In October 2012, the CCK established the Kenya Computer Incident Response Team/Coordination Centre (KE-CIRT/CC), Kenya’s national trusted point of contact for cyber security matters.

    The functions of the KE-CIRT/CC include;
    • Offering advisories on cyber security matters to its constituents and coordinating cyber incident response in collaboration with relevant actors locally, regionally and internationally.
    • Gathering and disseminating technical information on computer security incidents;
    • Carrying out research and analysis on computer security;
    • Facilitating the development of a national Public Key Infrastructure (PKI); and,
    • Capacity building in information security and creating and maintaining awareness on cyber security-related activities.
  7. Implementation of Kenya’s National Cybersecurity Management Framework

    To enhance collaboration with local cyber security stakeholders, in April 2012 the CCK put in place the National Cybersecurity Steering Committee (NCSC) to facilitate the establishment of the national KE-CIRT/CC, as well as oversee the operations of the national KE-CIRT/CC.

    The NCSC is chaired by CCK and draws members from:
    • The Ministry of Information, Communication and Technology (MICT);
    • Telecommunications Service Providers of Kenya (TESPOK),
    • Internet Service Providers (ISPs) and Undersea Fibre Optic Cable Providers;
    • Law Enforcement;
    • Academia;
    • The Financial sector;
    • Critical Utilities Infrastructure entities (Kenya Airways, Kenya Civil Aviation, Nairobi Water and Sewerage Company, Kenya Pipeline Corporation, Kenya Power Limited and Kengen Limited); and Government Agencies.
  8. Collaboration in Cyber Crime Management

    To effectively discharge its mandate, best practice requires that a national CIRT establishes relevant partnerships at the National, Regional and International level.

    KE-CIRT/CC has established the following partnerships:
    • National level: National cyber security Steering Committee (NCSC) whose members are drawn from the Ministry of ICT, TESPOK/ISPs/Mobile Operators, academia, the financial sector and the law enforcement;
    • Regional level: EACO cyber security Taskforce (E.A Point of Contact) and other E.A National CIRTs; and
    • International level: ITU, IMPACT, FIRST (ongoing), etc.
  9. How to Report Cybercrime attacks in Kenya

    Cybercrime incidents can be reported to the KE-CIRT/CC through:
    • Web portal: http://cirt.cck.go.ke/contact
    • Email: [email protected]
    • Tel: +254-703-0422000/446 or +254-20-4242000/446
    • Fax: +254-20-4451866
    • A letter addressed to: Director General, Communications Commission of Kenya (CCK), Waiyaki Way, P.O. Box 14448, 00800 Westlands, NAIROBI, KENYA
  10. Kenya’s National Public Key Infrastructure (PKI)

    A Public Key Infrastructure (PKI) refers to a system for the creation, storage, and distribution of digital certificates which are used to verify that a particular public key belongs to a certain entity.

    A Public Key Infrastructure (PKI) creates digital certificates which map public keys to entities, securely stores these certificates in a central repository, and revokes them if needed.

    The PKI framework uses public key cryptography, a cryptographic technique that enables users to securely communicate on an insecure public network, and reliably verify the identity of a user via digital signatures.
  11. Kenya’s National Public Key Infrastructure (PKI)

    Generally a PKI Consists of:

    Registration Authorities (RAs)
    • RAs are the first point of contact for prospective users of PKI services.
    • The role of RAs is to verify the identity of a user. This function is usually performed by a Certification Authority (CA).

    Certificate Authorities (CAs)
    • CAs issue and verify digital certificates that authenticate the identity of organizations and individuals over a public system like the Internet.
    • The digital certificates are also used to sign electronic messages and documents, which ensure that the electronic messages and documents are not tampered with during the transmission process.

    A Root Certification Authority (RCA)
    • RCAs accredit CAs who issue digital certificates to users.
    • Accreditation ensures that digital certificates issued by the CA are recognized & trusted globally.
  12. Kenya’s National Public Key Infrastructure (PKI)

    In Kenya’s framework, the RA and CA functions will be performed by CCK licensed Electronic Certification Service Providers.

    The RCA is a regulatory instrument and thus this function will be performed by the CCK.

    Already, the technical implementation of Kenya’s PKI (RA, CA and RCA) is in place.

    The CCK is currently in the process of developing a licensing framework for the Electronic Certificate Services Providers (E-CSPs). The framework is currently available for public/stakeholder consultations until 25th November 2013.
  13. COMESA Cyber Security and PKI Meeting

    Objectives: Sharing experiences among the COMESA member states on the implementation of national cyber security frameworks, national Public Key Infrastructure (PKI) and consideration of the COMESA cyber security and PKI road map.

    Dates: 26th to 28th November 2013

    Venue: Safari Park hotel, Nairobi

    Target Group: Academia, financial institutions, cyber security committees/taskforces, investigators, judges, law enforcement, lawyers, national and sector CIRTs, prosecutors, policy makers, information security professionals, among other cyber crime management stakeholders.
  14. THANK YOU

    katundu@cck.go.ke
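
The chain of trust described in slides 10 to 12 (a root CA accrediting CAs, which issue certificates binding a public key to an entity), shown as an added example that is not part of the original deck. It uses the OpenSSL command line, which the presentation does not mention; every subject name is constructed, and RA identity vetting and revocation are not modelled.

```shell
#!/bin/sh
# Added example: RCA -> CA -> subscriber chain of trust with the openssl CLI.
# Every name and subject below is constructed for illustration.
set -eu

# issue NAME SUBJECT SIGNER IS_CA
# Writes NAME.key and NAME.crt; SIGNER "self" produces a self-signed root.
issue() {
    name=$1 subj=$2 signer=$3 is_ca=$4
    openssl req -new -newkey rsa:2048 -nodes -keyout "$name.key" \
        -out "$name.csr" -subj "$subj" 2>/dev/null
    # basicConstraints tells a verifier whether this key may sign certificates.
    printf 'basicConstraints=critical,CA:%s\n' "$is_ca" > "$name.ext"
    if [ "$signer" = self ]; then
        openssl x509 -req -in "$name.csr" -signkey "$name.key" \
            -extfile "$name.ext" -days 30 -out "$name.crt" 2>/dev/null
    else
        openssl x509 -req -in "$name.csr" -CA "$signer.crt" -CAkey "$signer.key" \
            -CAcreateserial -extfile "$name.ext" -days 30 -out "$name.crt" 2>/dev/null
    fi
}

# verdict TRUST_ANCHOR UNTRUSTED_CHAIN LEAF
# Prints "trusted" only if LEAF chains through UNTRUSTED_CHAIN to TRUST_ANCHOR.
verdict() {
    if openssl verify -CAfile "$1" -untrusted "$2" "$3" >/dev/null 2>&1; then
        echo trusted
    else
        echo rejected
    fi
}

cd "$(mktemp -d)"
issue rca     "/O=Example Regulator/CN=Example Root CA"  self  TRUE
issue ca      "/O=Example E-CSP/CN=Example Licensed CA"  rca   TRUE
issue alice   "/CN=alice.example"                        ca    FALSE
issue rogue   "/CN=Unaccredited Root"                    self  TRUE
issue mallory "/CN=mallory.example"                      alice FALSE
cat ca.crt alice.crt > ca_and_alice.pem

echo "alice, anchored at the accredited root:  $(verdict rca.crt ca.crt alice.crt)"
echo "alice, anchored at an unrelated root:    $(verdict rogue.crt ca.crt alice.crt)"
echo "mallory, signed by a subscriber's key:   $(verdict rca.crt ca_and_alice.pem mallory.crt)"
```

The last two verdicts show what accreditation buys a relying party: a certificate is accepted only when every signer above it is marked as a CA and the chain ends at the root the verifier already trusts.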